Game Over for Gameover Zeus: Disrupting a Global Cybercriminal Operation

Ben Feinstein is the Director of Counter Threat Unit (CTU) Operations & Development with Dell SecureWorks. Ben is an author of RFC 4765 and RFC 4767, and has over a decade of experience designing, implementing and operationalizing security-related information systems. His major areas of expertise include network IDS/IPS, digital forensics and incident response, and security operations. Ben has presented at numerous conferences, including Black Hat USA, DEF CON, ToorCon, DeepSec and the U.S. Department of Defense Cyber Crime Conference.
He is active in his local DEF CON group, DC404.

On June 2, 2014, Operation Tovar was announced, a multi-national initiative to disrupt the Gameover Zeus botnet and seize infrastructure supporting Cryptolocker ransomware. This initiative was, in part aided by security experts from the Dell SecureWorks Counter Threat Unit (CTU). Gameover Zeus and Cryptolocker were part of a larger cybercriminal ecosystem representative of threats faced by many organizations today.

During this interactive webcast, Ben Feinstein, Director of CTU Operations and Development, will discuss details of the adversary’s operations and tradecraft behind Gameover Zeus and Operation Tovar. Ben will also share clear guidance on how to defend against similar threats in the future. As a result, security professionals can draw lessons on how to better defend against and respond to this broader class of threats. The webcast will answer key questions such as:

How did the Gameover Zeus botnet operate and deliver its malware payloads to thousands of systems worldwide?

How was the Gameover Zeus threat group monetizing their botnet?

What was Operation Tovar and how did it work?

Why do these threats matter to your organization?

What concrete actions should your organization be taking to address this class of threats?